package com.fjec.user.shiro;

import com.fjec.common.enums.EnumLoginType;
import com.fjec.common.enums.EnumSysCode;
import com.fjec.common.exception.LoginException;
import com.fjec.common.shiro.AccountInfo;
import com.fjec.common.shiro.MyUserToken;
import com.fjec.common.util.SaltMD5;
import com.fjec.user.entity.SysUser;
import com.fjec.user.service.IUserService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

@Slf4j
public class NameAndPwdRealm extends AuthorizingRealm {

//    private ISysUserService sysUserService;
//
//    private ISysRoleService sysRoleService;
//
//    private ISysPermissionService sysPermissionService;
//
//    private MarketClient marketClient;
//
//    private ISysUserLoginLogService sysUserLoginLogService;

    private IUserService userService;

    public NameAndPwdRealm(IUserService userService) {
        this.userService = userService;
//        this.sysUserService = sysUserService;
//        this.sysRoleService = sysRoleService;
//        this.sysPermissionService = sysPermissionService;
//        this.marketClient = marketClient;
//        this.sysUserLoginLogService = sysUserLoginLogService;
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        String userName = (String) principalCollection.getPrimaryPrincipal();

        List<String> roles = userService.getRoleCodesByUserName(userName);
        simpleAuthorizationInfo.setRoles(new HashSet<>(roles));
        Set<String> permissions = new HashSet<>();
        for (String role : roles) {
            permissions.addAll(userService.getPermsByRoleCode(role));
        }
        simpleAuthorizationInfo.setStringPermissions(permissions);

        return simpleAuthorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException  {
        //得到用户名
        String userName = (String) token.getPrincipal();
        //得到密码
        String password = new String((char[]) token.getCredentials());
        SysUser user = userService.getSysUserByUserName(userName);
        if (user == null) {
            throw new LoginException(EnumSysCode.ERR_3004);
        }
        // 用户是否已被锁定
        if (user.getLocked() == 1) {
            throw new LoginException(EnumSysCode.ERR_3005);
        }
        try {
            if (!SaltMD5.checkPwd(password + user.getSalt() + user.getUserName(), user.getUserPwd())) {
                throw new LoginException(EnumSysCode.ERR_3007);
            }
        } catch (Exception e) {
            throw new LoginException(EnumSysCode.ERR_3006);
        }
        // 初始化用户sessioin
        List<String> roleCodeList = userService.getRoleCodesByUserId(user.getId());
        AccountInfo.init(user.getId(), user.getUserName(), roleCodeList);
        // 记录登录日志
        userService.saveLoginLog(user.getId(), 2);
        return new SimpleAuthenticationInfo(userName, password, getName());
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        MyUserToken loginToken = (MyUserToken) token;
        if (loginToken.getLoginType() == EnumLoginType.ACCOUNT_PWD) {
            return true;
        } else {
            return false;
        }
    }
}
